$2.7 million await successful Pwnium 4 contestants
Posted on 24 January 2014.
Google has, once again, called security researchers to participate in its annual Pwnium contest scheduled to be held at the CanSecWest security conference in Vancouver in mid-March.


The fourth edition of the hacking contest will, as last year, focus on the company's Chrome OS, and competitors will contend for sizeable prizes.

Contestants who manage to execute a browser or system-level compromise in guest mode or as a logged-in user, delivered via a web page, will win $110,000, and those who carry our a compromise with device persistence (“persistent Guest-to-Guest exploit” with interim reboot, delivered via a web page) will gain a cool $150,000.

The prize pool is $2.71828 million in total.

"New this year, we will also consider significant bonuses for demonstrating a particularly impressive or surprising exploit. Potential examples include defeating kASLR, exploiting memory corruption in the 64-bit browser process or exploiting the kernel directly from a renderer process," explained Jorge Lucángeli Obes, Google security engineer and Pwnium Master of Ceremonies.

"Past Pwnium competitions have focused on Intel-based Chrome OS devices, but this year researchers can choose between an ARM-based Chromebook, the HP Chromebook 11 (WiFi), or the Acer C720 Chromebook (2GB WiFi) that is based on the Intel Haswell microarchitecture. The attack must be demonstrated against one of these devices running the then-current stable version of Chrome OS."

As usual, to win a prize they will have to deliver a full exploit with thorough explanations about the exploited bugs. Any software included with the default installation may be used as part of the attack.

Researchers thinking of registering have until March 10th, 2014 to decide.

For more details, check out the official rules for the contest.









Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //